papers 1.1.0 → 1.2.0

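--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: d38f6dd8a9213870b3198c533cb7a54731d8d15b
- data.tar.gz: 460c188a68833bd4d67522e36163037a1c65e073
+ metadata.gz: a3dbc559e575243918efffa385aac928d327a56d
+ data.tar.gz: d3ef809f5a3d9593a82ff4039bd821d58aabf038
  SHA512:
- metadata.gz: a90556c81b2d76635c8ee185c9da05952c75d49762f3731eeb4af79297e929e8491b499d2900978915ad18282df9be4000841f836e46f795c93c68adaa7ddbe9
- data.tar.gz: 55573fadd64de745cedfe761eb48c6eea4ab2a0a23012a3b57f95e1f37b57735c7a82de5329350b2145459d906932730c4da57c11ed02316dd1cb5abd72c653b
+ metadata.gz: fe00245204a6bdc2116983f15f43af78500c14dbc8a67910bcba588c58cff579f58d3c44573c0997e033ca064cc54f9e8619bc71ba8bf253eb89dec44aaedfcb
+ data.tar.gz: 5a2067a1aec1942ecb6a2a5170c7f32e43c1f70f9e9ad2f75a1f78c6d26e9c01b030af9d67611665cf16fded5f126f5616ec43e12dd0fd644bb18ca0df5d347c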
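--- /dev/null
+++ b/data/CHANGELOG.md
@@ -0,0 +1,11 @@
+ # Changelog
+
+ ## 1.1.0 (Current release)
+
+ * Add support for validating the licenses of Bower components (thanks to [@Aughr](https://github.com/aughr))
+
+ ## 1.0.0 (Initial Release)
+
+ * Initial release of Papers. Support for validating the licenses of:
+ * Ruby Gems
+ * Javascript libraries and files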
data/README.md CHANGED
@@ -66,7 +66,11 @@ Papers.configure do |config|
66
66
  # 'Manually Reviewed',
67
67
  # 'Unlicensed'
68
68
  # ]
69
- config.license_whitelist << 'New Relic'
69
+ # config.license_whitelist << 'New Relic'
70
+
71
+ # You can specify a single license that, when used, ignores the version. Defaults to nil.
72
+ # WARNING: You should only use this for software licensed in house.
73
+ # config.version_whitelisted_license = 'New Relic'
70
74
 
71
75
  # The location of your dependency manifest. Defaults to config/papers_manifest.yml
72
76
  config.manifest_file = File.join('config', 'papers_manifest.yml')
@@ -87,7 +91,7 @@ Papers.configure do |config|
87
91
 
88
92
  # Configures where Papers should look for bower components. Each component
89
93
  # must have a .bower.json file in its directory for Papers to see it.
90
- config.bower_components_path = 'vendor/assets/components'
94
+ # config.bower_components_path = 'vendor/assets/components'
91
95
  end
92
96
  ```
93
97
 
@@ -101,7 +105,7 @@ describe 'Papers License Validation' do
101
105
  subject(:validator) { Papers::LicenseValidator.new }
102
106
 
103
107
  it 'knows and is satisfied by all dependency licenses' do
104
- expect(validator).to be_valid, "License validator failed:\n#{validator.errors.join("\n")}"
108
+ expect(validator).to be_valid, -> { "License validation failed:\n#{validator.errors.join("\n")}" }
105
109
  end
106
110
  end
107
111
 
@@ -112,7 +116,7 @@ class PapersLicenseValidationTest < ActiveSupport::TestCase
112
116
  def test_know_and_be_satisfied_by_all_licenses
113
117
  validator = Papers::LicenseValidator.new
114
118
 
115
- assert validator.valid?, "License validator failed:\n#{validator.errors.join("\n")}"
119
+ assert validator.valid?, "License validation failed:\n#{validator.errors.join("\n")}"
116
120
  end
117
121
  end
118
122
  ```
@@ -1,6 +1,7 @@
1
1
  module Papers
2
2
  class Configuration
3
3
  attr_accessor :license_whitelist
4
+ attr_accessor :version_whitelisted_license
4
5
 
5
6
  attr_accessor :manifest_file
6
7
 
@@ -24,6 +25,8 @@ module Papers
24
25
  'Unlicensed'
25
26
  ]
26
27
 
28
+ @version_whitelisted_license = nil
29
+
27
30
  @manifest_file = File.join(Dir.pwd, 'config', 'papers_manifest.yml')
28
31
 
29
32
  @validate_gems = true
@@ -15,7 +15,8 @@ module Papers
15
15
  end
16
16
 
17
17
  def acceptable_license?
18
- Papers.config.license_whitelist.include?(license)
18
+ Papers.config.license_whitelist.include?(license) ||
19
+ Papers.config.version_whitelisted_license == license
19
20
  end
20
21
 
21
22
  protected
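Review bot: With the new default `@version_whitelisted_license = nil`, the added clause `Papers.config.version_whitelisted_license == license` is true whenever `license` is nil, so a manifest entry that carries no license would now be reported as acceptable; before this change `license_whitelist.include?(license)` rejected it for a whitelist of strings. Whether `license` can actually be nil is not visible in this hunk (presumably it comes from the manifest entry's 'license' key), so confirm against the constructor, but the guard is cheap: `(!license.nil? && Papers.config.version_whitelisted_license == license)`. The changed specs do not cover an entry without a 'license' key under the default configuration, so a regression here would go unnoticed.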
@@ -11,9 +11,11 @@ module Papers
11
11
 
12
12
  def self.introspected
13
13
  Bundler.load.specs.map do |spec|
14
- # bundler versions aren't controlled by the Gemfile
14
+ # Bundler versions aren't controlled by the Gemfile
15
15
  if spec.name == 'bundler'
16
16
  spec.name
17
+ elsif spec.licenses.include?(Papers.config.version_whitelisted_license)
18
+ spec.name
17
19
  else
18
20
  "#{spec.name}-#{spec.version}"
19
21
  end
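Review bot: The new `elsif spec.licenses.include?(Papers.config.version_whitelisted_license)` branch decides whether to drop the version from the gem's own gemspec metadata, whereas `acceptable_license?` appears to judge the license recorded in the manifest. Any dependency whose gemspec lists the configured license string is therefore tracked by bare name, and later version changes of that gem will no longer show up as manifest mismatches. The README warning states the intent, but nothing in the code restricts the exemption to in-house gems; at minimum add a comment above the branch such as `# licenses is self-declared by the gem; configure only a license name that no third-party gem uses`. The enclosing `introspected` method continues past the end of this hunk.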
@@ -1,6 +1,6 @@
1
1
  module Papers
2
2
  MAJOR = 1
3
- MINOR = 1
3
+ MINOR = 2
4
4
  PATCH = 0
5
5
 
6
6
  VERSION = [MAJOR, MINOR, PATCH].join('.')
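--- a/data/spec/papers_spec.rb
+++ b/data/spec/papers_spec.rb
@@ -18,21 +18,16 @@ describe 'Papers' do
 
  it 'detects mismatched gems' do
  Papers::LicenseValidator.any_instance.stub(:manifest).and_return({
- 'javascripts' => {},
- 'gems' => {
- 'foo-1.2' => {
- 'license' => 'MIT',
- 'license_url' => nil,
- 'project_url' => nil
- },
- 'baz-1.3' => {
- 'license' => 'BSD',
- 'license_url' => nil,
- 'project_url' => nil
- }
- }
- })
- Papers::Gem.stub(:introspected).and_return(['bar-1.2', 'baz-1.3'])
+ 'javascripts' => {},
+ 'gems' => {
+ 'foo-1.2' => { 'license' => 'MIT' },
+ 'baz-1.3' => { 'license' => 'BSD' }
+ }
+ })
+ Bundler.stub_chain(:load, :specs).and_return([
+ double(name: 'bar', version: '1.2', licenses: ['MIT']),
+ double(name: 'baz', version: '1.3', licenses: ['BSD'])
+ ])
 
  expect(validator.valid?).to be_false
 
@@ -50,19 +45,14 @@ describe 'Papers' do
  Papers::LicenseValidator.any_instance.stub(:manifest).and_return({
  'javascripts' => {},
  'gems' => {
- 'foo-1.2' => {
- 'license' => 'MIT',
- 'license_url' => nil,
- 'project_url' => nil
- },
- 'baz-1.3' => {
- 'license' => 'BSD',
- 'license_url' => nil,
- 'project_url' => nil
- }
+ 'foo-1.2' => { 'license' => 'MIT' },
+ 'baz-1.3' => { 'license' => 'BSD' }
  }
  })
- Papers::Gem.stub(:introspected).and_return(['foo-1.2', 'baz-1.2'])
+ Bundler.stub_chain(:load, :specs).and_return([
+ double(name: 'foo', version: '1.2', licenses: ['MIT']),
+ double(name: 'baz', version: '1.2', licenses: ['BSD'])
+ ])
 
  expect(validator.valid?).to be_false
 
@@ -73,73 +63,94 @@ describe 'Papers' do
  validator.valid?
  end
 
+ it 'detects omitted gem versions' do
+ Papers::Configuration.any_instance.stub(:validate_javascript?).and_return(false)
+
+ Papers::LicenseValidator.any_instance.stub(:manifest).and_return({
+ 'javascripts' => {},
+ 'gems' => {
+ 'foo' => { 'license' => 'MIT' },
+ 'baz-1.2' => { 'license' => 'BSD' }
+ }
+ })
+ Bundler.stub_chain(:load, :specs).and_return([
+ double(name: 'foo', version: '1.2', licenses: ['MIT']),
+ double(name: 'baz', version: '1.2', licenses: ['BSD'])
+ ])
+
+ expect(validator).not_to be_valid
+
+ expect(validator.errors).to eq([
+ 'foo-1.2 is included in the application, but not in the manifest',
+ 'foo is included in the manifest, but not in the application'
+ ])
+ validator.valid?
+ end
+
  it 'is OK with matching gem sets' do
  Papers::LicenseValidator.any_instance.stub(:manifest).and_return({
  'javascripts' => {},
  'gems' => {
- 'foo-1.2' => {
- 'license' => 'MIT',
- 'license_url' => nil,
- 'project_url' => nil
- },
- 'baz-1.3' => {
- 'license' => 'BSD',
- 'license_url' => nil,
- 'project_url' => nil
- }
- },
+ 'foo-1.2' => { 'license' => 'MIT' },
+ 'baz-1.2' => { 'license' => 'BSD' }
+ }
  })
- Papers::Gem.stub(:introspected).and_return(['foo-1.2', 'baz-1.3'])
+ Bundler.stub_chain(:load, :specs).and_return([
+ double(name: 'foo', version: '1.2', licenses: ['MIT']),
+ double(name: 'baz', version: '1.2', licenses: ['BSD'])
+ ])
 
  expect(validator.valid?).to be_true
  end
 
+ it 'is OK with whitelisting gem versions on a specific license' do
+ Papers::LicenseValidator.any_instance.stub(:manifest).and_return({
+ 'javascripts' => {},
+ 'gems' => {
+ 'foo' => { 'license' => 'MIT' },
+ 'baz' => { 'license' => 'BSD' }
+ }
+ })
+ Bundler.stub_chain(:load, :specs).and_return([
+ double(name: 'foo', version: '1.2', licenses: ['MIT']),
+ double(name: 'baz', version: '1.2', licenses: ['BSD'])
+ ])
+ Papers::Configuration.any_instance.stub(:version_whitelisted_license).and_return('MIT')
+
+ expect(validator).not_to be_valid
+ expect(validator.errors).to eq([
+ 'baz-1.2 is included in the application, but not in the manifest',
+ 'baz is included in the manifest, but not in the application'
+ ])
+ end
+
  it 'is OK with matching gem sets but complain about a license issue' do
  Papers::LicenseValidator.any_instance.stub(:manifest).and_return({
  'javascripts' => {},
  'gems' => {
- 'foo-1.2' => {
- 'license' => 'MIT',
- 'license_url' => nil,
- 'project_url' => nil
- },
- 'baz-1.3' => {
- 'license' => 'GPL',
- 'license_url' => nil,
- 'project_url' => nil
- }
- },
+ 'foo-1.2' => { 'license' => 'MIT' },
+ 'baz-1.3' => { 'license' => 'GPL' }
+ }
  })
- Papers::Gem.stub(:introspected).and_return(['foo-1.2', 'baz-1.3'])
+ Bundler.stub_chain(:load, :specs).and_return([
+ double(name: 'foo', version: '1.2', licenses: ['MIT']),
+ double(name: 'baz', version: '1.3', licenses: ['GPL'])
+ ])
 
- expect(validator.valid?).to be_false
+ expect(validator).not_to be_valid
 
  expect(validator.errors).to eq([
  'baz-1.3 is licensed under GPL, which is not whitelisted'
  ])
-
- validator.valid?
  end
 
  it 'displays gem licenses in a pretty format without versions' do
  Papers::LicenseValidator.any_instance.stub(:manifest).and_return({
  'javascripts' => {},
  'gems' => {
- 'foo-1.2' => {
- 'license' => 'MIT',
- 'license_url' => nil,
- 'project_url' => nil
- },
- 'baz-1.3' => {
- 'license' => 'BSD',
- 'license_url' => nil,
- 'project_url' => nil
- },
- 'with-hyphens-1.4' => {
- 'license' => 'MIT',
- 'license_url' => nil,
- 'project_url' => nil
- }
+ 'foo-1.2' => { 'license' => 'MIT' },
+ 'baz-1.3' => { 'license' => 'BSD' },
+ 'with-hyphens-1.4' => { 'license' => 'MIT' }
  },
  })
 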
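Review bot: The example titled 'is OK with whitelisting gem versions on a specific license' asserts `expect(validator).not_to be_valid`, so its name says the opposite of what it checks; the part that passes (foo matched by bare name) is only implied by foo being absent from the expected errors. A title such as `it 'skips version matching only for gems under the version-whitelisted license' do` would describe it accurately. The example also stubs the setting to 'MIT', a license that third-party gems commonly declare, which is the use the README warning advises against; a constructed in-house license name would model the intended configuration better. Separately, the trailing `validator.valid?` after the error assertion in 'detects omitted gem versions' has no effect on the outcome and can be dropped.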
 
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: papers
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.0
4
+ version: 1.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ralph Bodenner
@@ -12,7 +12,7 @@ authors:
12
12
  autorequire:
13
13
  bindir: bin
14
14
  cert_chain: []
15
- date: 2014-01-23 00:00:00.000000000 Z
15
+ date: 2014-02-04 00:00:00.000000000 Z
16
16
  dependencies:
17
17
  - !ruby/object:Gem::Dependency
18
18
  name: rake
@@ -53,6 +53,7 @@ extensions: []
53
53
  extra_rdoc_files: []
54
54
  files:
55
55
  - ".gitignore"
56
+ - CHANGELOG.md
56
57
  - Gemfile
57
58
  - MIT-LICENSE
58
59
  - README.md